Typosquatting, a new practice that takes advantage of people hurriedly entering a URL address and accidentally mistyping, can lead to a host of cybersecurity issues. Just by omitting the “o” in .com, you could end up at a site designed to infect visitors with malware and viruses.

Cybercriminals are setting up shop online with websites that have domain addresses that resemble legitimate sites. They count on fat-finger mistakes to lead them to into their lairs.

The Washington Post, quoting from a Fraud.org consumer alert, reports, “If a user is unlucky enough to mistakenly type in the wrong address, they may be taken to a booby-trapped website filled with viruses and malware, or to a website that looks just like the legitimate website but is designed to gather their personal data for scammers.” Fraud.org also warns that such websites can also try to pass as real retailers, selling knock-off imitation products to consumers who believe they are getting the real deal.

Noted cybersecurity journalist Brian Krebs estimates that approximately 12 million online users visited potentially dangerous websites during the first quarter of 2018. He warned that some sites that mimic popular URLs try to trap visitors into responding to fake security alerts. When they do, their computers lock up.

Both Krebs and Fraud.org advise bookmarking legitimate sites instead of typing their full URLs into browser windows. And, if you are searching for a URL, type in the business name without the dot com.

Get the full story at The Washington Post.